Information Security · Infrastructure · Automation

Information Security
& Infrastructure Engineer.

Security Engineering · Cloud · Automation · Networking

18+ years building and securing enterprise IT infrastructure across MSP & MSSP environments. I specialize in Windows automation, vulnerability remediation at scale, and turning disorganized environments into clean, measurable, self-sustaining systems — from CIS-compliant baselines to leading helpdesk teams. I take full ownership and deliver.

18+
Years Experience
72K+
Vulns Remediated
2.5K+
Devices Managed
35
Clients · 52 Servers
View My Work → Get In Touch
MK
Michael Krawczyk
MCP · SIMPLESENSE.IO · MCHENRY, IL
MCP Certified
Core Proficiencies
Windows Automation & RMM95%
Security Ops & CVE Remediation92%
Windows Server & Active Directory94%
Networking & Firewall88%
Cloud & Infrastructure85%
MCPConnectWiseCIS AzureSentinelOneNIST
// key_outcomes
VERIFIED
Patch Compliance — Jan 2025
93%
🛡
Vulnerabilities remediated
72,454
Scripts — 8-stage lifecycle
28+
👥
Team led — Helpdesk & T2/T3
3 Eng.
What I Do

Core Expertise

Six interlocking disciplines built across 18+ years of MSP, MSSP & enterprise IT environments.

Windows Automation & RMM
Scalable group structures, automated provisioning, and fixed-schedule script execution across multi-client environments. Patch management at scale for 2,500+ devices achieving 90%+ compliance.
ConnectWise AutomateNinjaOnePowerShellIaCWSUS
🛡️
Security Operations
CVE triage and remediation, CIS and NIST 800-171 / CMMC baseline enforcement, SIEM monitoring, endpoint security management, and MITRE ATT&CK-aligned hardening controls.
SentinelOneHuntressCIS / NISTSIEM / GraylogKnowBe4
🖥️
Windows Server & Microsoft
Full-stack Windows server administration from 2003 through 2022, Active Directory design, Group Policy, all versions of Exchange through Exchange Online, and Microsoft 365 / Azure administration.
Server 2003–2022Active DirectoryExchangeM365 / AzureGPO / FSRM
🌐
Networking & Firewalls
TCP/IP, LAN/WAN, VPN configuration, and multi-site firewall management. Hands-on SonicWall, Cisco Meraki, pfSense, and WatchGuard. ISP coordination and outage response.
SonicWallCisco MerakipfSenseVPNWireshark
☁️
Cloud, DR & Infrastructure
Azure VM, storage, and networking. Disaster recovery design with Datto, Axcient, and Veeam. Proxmox virtualization, Synology NAS, and daily health checks across 35 clients and 52 servers.
Microsoft AzureDattoVeeamAxcientProxmox
📋
Leadership & Operations
Helpdesk lead overseeing 2–3 engineers. T2/T3 escalation SME. SOP and runbook authorship, vendor relationship management (Ingram Micro, ConnectWise ecosystem), and MSP/MSSP cost optimization.
Helpdesk LeadAutotask PSASOPs / RunbooksVendor Mgmt
Work Samples

Featured Projects

Real environments, real problems, measurable outcomes.

Automation · Infrastructure
Windows Automation Playbook
End-to-end documentation of a scalable Windows automation framework — group provisioning hierarchy, configuration enforcement, centralized script repository with 28+ scripts, and full remediation workflows across all clients.
Scalable across all client environments
Security · Vulnerability Mgmt
72,454 Vulnerabilities → 93% Compliance
Inherited a broken RMM console with no documentation, no vendor support, and no existing processes. Built the entire remediation program from scratch — structured baselines, automated CVE scripts, and a measurable tracking framework.
93% patch compliance — January 2025
Engineering · DevOps
Script Repository Architecture
28+ scripts organized by CVE category with a full 8-stage review pipeline — requirements, peer approval, controlled testing, stagger distribution, and post-deployment monitoring. Safely deployable to thousands of endpoints.
28+ scripts · 8-stage lifecycle
Security · Analysis
ASIO Data Integrity Investigation
Identified scanner drift producing inaccurate vulnerability counts between ASIO and Automate. Cross-validated with manual checks, analyzed 60-day trending baselines, documented and escalated findings through to full resolution.
Data integrity restored across all clients
AI · Generative Media
AnimateDiff on Legacy CPU Hardware
Deployed the AnimateDiff AI animation pipeline on a CPU-only Proxmox LXC container running dual Xeon X5650 processors with no GPU. Resolved deep Python dependency conflicts across incompatible library versions to achieve a fully working text-to-animation system on hardware from 2010.
Full write-up & deployment guide →
How I Work

Professional Strengths

The qualities that show up in every environment, every ticket, every project.

🔬
Investigation & Analysis
  • Complex multi-system incident investigation
  • Log, alert & user-impact correlation
  • Root cause analysis with evidence-based reasoning
  • Defensible timeline building for audits
  • Pattern recognition in recurring issues
  • Escalation judgment and triage under pressure
⚙️
Operational Excellence
  • Calm and methodical during high-pressure incidents
  • Strong SLA awareness and MTTR reduction focus
  • Cost optimization mindset across tooling stacks
  • Reliable during critical after-hours incidents
  • Proactive client business continuity planning
  • Self-directed — drives progress independently
📝
Documentation & Communication
  • Audit-ready ticket notes and defensible timelines
  • SOPs, runbooks, and escalation playbooks
  • Clear technical writing for non-technical audiences
  • Knowledge base authorship & infrastructure diagramming
  • Repeatable operations design for team scalability
Get In Touch
Let's talk about
what you're building.

Whether you have a question about my work, want to discuss an engineering challenge, or explore how my background fits your team — I'm always happy to connect with the right people.

Hello@krawczyk.city
in
linkedin.com/in/michael-krawczyk-83a7b364
</>
github.com/MichaelKraw